<?php
	
	/**
   * edit-courses allows a user with sufficient privileges to edit the details of a course. These courses make up a pool of possible
   * courses for each semester, so this page in effect is like editing the course catalog. The course to be edited on this page
   * is selected from the 'manage-courses' page.
   *
   * @Author Tyler Bradovich
   */
   
    // Resume the session first, then load the helpers this page calls below.
    // The @ silences any warning session_start() would otherwise emit.
    @session_start();
    require_once 'shared-functions.php';
    require_once 'session.php';
    require_once 'masterpage.php';

    // Authenticated sessions are refreshed; anyone else is redirected to the
    // login page and the script stops so nothing further is rendered.
    if (IsValidSession())
    {
        RefreshSession();
    }
    else
    {
        header('Location: login.php?page=manage-courses');
        exit();
    }

	// Authorization gate: only three access levels may edit the course catalog.
	$user = GetCurrentUserAccessLevel();

	// NOTE(review): $DIRECTOR, $ADMIN and $PRINCIPLE are not defined in this file —
	// presumably globals set by one of the required files; confirm they are always set.
	// NOTE(review): the comparison is loose (==), so PHP type juggling applies; confirm
	// the access level and the role values share a type before relying on this check.
	$mayEditCourses = ($user == $DIRECTOR || $user == $ADMIN || $user == $PRINCIPLE);

	if (!$mayEditCourses)
	{
		// Redirect to login.php with an explanatory message and logout=1, then stop
		// so no part of the edit page is produced for this user.
		header('Location: login.php?page=edit-courses&error=To access the edit courses page, please log in as a director, principle or admin&logout=1');
		exit();
	}
	
    // Begin the page through masterpage() using this page's title.
    masterpage('Edit Courses');

	// Static navigation link back to the course list (no user data involved).
	print "<a href='manage-courses.php'>&lt;&lt; Back to Manage Courses</a>";
	
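	if (!isset($_POST['submitted'])) // First time navigating from manage courses
	{
		// The course id comes from the request body and is fully client-controlled.
		// A missing or non-string value (for example id[]=...) is treated as empty.
		$courseId = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';

		$link = connect_db();

		// Escape the id before it is placed inside the quoted SQL literal; request data
		// must never be interpolated into a query as-is (SQL injection).
		// NOTE(review): mysql_real_escape_string() relies on the connection charset being
		// set correctly, and the mysql_* extension was removed in PHP 7. Prepared
		// statements (mysqli/PDO) are the durable fix, but that depends on connect_db(),
		// which is defined outside this file.
		$safeId = mysql_real_escape_string($courseId, $link);
		$query = "SELECT `CourseID`, `Name`, `Description`, `Credits`, `SpecialFee`, `CourseCode` FROM `Course` WHERE `CourseID` = '$safeId';";
		$courses = mysql_query($query, $link);
		if (!$courses)
		{
			// Generic message only: database error details are not shown to the user.
			echo "<br/><br/>Oops...something went wrong. Please contact support.";
			exit();
		}

		$tblrow = mysql_fetch_array($courses, MYSQL_BOTH);
		if (!$tblrow)
		{
			// No row matched the id (or no id was sent); do not render an edit form
			// for a course that does not exist.
			echo "<br/><br/>Course not found. Please return to Manage Courses and select a course.";
			exit();
		}

		// Raw database values; they are untrusted for HTML purposes and must be
		// encoded wherever they are printed.
		$CourseName = $tblrow['Name'];
		$CourseDesc = $tblrow['Description'];
		$Credits = $tblrow['Credits'];
		$SpecialFee = $tblrow['SpecialFee'];
		$CourseCode = $tblrow['CourseCode'];
	}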
	
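	// $validInput: whether the submitted values passed validation.
	// $hideInput: set once an update has been attempted, so the form is not shown again.
	$validInput = true;
	$hideInput = false;

	if (isset($_POST['submitted'])) // Clicked submit
	{
		// NOTE(review): no anti-CSRF token is checked on this state-changing POST in the
		// visible code — confirm whether the session helpers cover it.

		// Read each field defensively: a missing or non-string (array) field becomes ''.
		// These variables keep the RAW submitted text; it is escaped separately for SQL
		// and for HTML at the point of use.
		$CourseName = (isset($_POST['CourseName']) && is_string($_POST['CourseName'])) ? $_POST['CourseName'] : '';
		$CourseDesc = (isset($_POST['CourseDesc']) && is_string($_POST['CourseDesc'])) ? $_POST['CourseDesc'] : '';
		$Credits = (isset($_POST['Credits']) && is_string($_POST['Credits'])) ? $_POST['Credits'] : '';
		$SpecialFee = (isset($_POST['SpecialFee']) && is_string($_POST['SpecialFee'])) ? $_POST['SpecialFee'] : '';
		$CourseCode = (isset($_POST['CourseCode']) && is_string($_POST['CourseCode'])) ? $_POST['CourseCode'] : '';
		$submittedId = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';

		//Default Credits and SpecialFee to 0 if left blank
		if ($Credits === '')
			$Credits = '0';
		if ($SpecialFee === '')
			$SpecialFee = '0';

		// Validate Length
		if (strlen($CourseCode) > 8)
		{
			echo "<p class='errorText'>Course Code cannot be more than 8 characters long.</p>";
			$validInput = false;
		}
		// Required fields
		if ($CourseName === '' || $CourseDesc === '' || $CourseCode === '')
		{
			echo "<p class='errorText'>Course Name, Code, and Description are required.</p>";
			$validInput = false;
		}
		else if (!is_numeric($Credits) || !is_numeric($SpecialFee)) // Check numeric-only fields
		{
			// NOTE(review): is_numeric() also accepts negatives, decimals and exponent
			// notation — confirm that is acceptable for these columns.
			echo "<p class='errorText'>Credits and Special Fee can only contain numbers.</p>";
			$validInput = false;
		}

		if ($validInput)
		{
			$link = connect_db();

			// Escape every value for the quoted SQL literals below. Validation above is
			// not a substitute: name, code and description are free text, and the id is
			// not validated at all.
			// NOTE(review): prepared statements (mysqli/PDO) are the durable fix; the
			// mysql_* extension used here was removed in PHP 7.
			$sqlName = mysql_real_escape_string($CourseName, $link);
			$sqlCode = mysql_real_escape_string($CourseCode, $link);
			$sqlDesc = mysql_real_escape_string($CourseDesc, $link);
			$sqlCredits = mysql_real_escape_string($Credits, $link);
			$sqlFee = mysql_real_escape_string($SpecialFee, $link);
			$sqlId = mysql_real_escape_string($submittedId, $link);

			$query = "UPDATE `Course` SET `Name` = '$sqlName', `CourseCode` = '$sqlCode', `Description` = '$sqlDesc', `Credits` = '$sqlCredits', `SpecialFee` = '$sqlFee' WHERE `CourseID` = '$sqlId';";
			$result = mysql_query($query, $link);

			// mysql_affected_rows() returns -1 when the query failed, and -1 is truthy,
			// so a failed UPDATE must not be reported as success: require a successful
			// query and a positive row count.
			if ($result && mysql_affected_rows($link) > 0)
				echo "<br/><br/><strong>Course Edited</strong>";
			else
				echo "<br/><br/><strong>Course NOT edited</strong>";

			// Echo the submitted values back HTML-encoded so markup in a field is shown
			// as text instead of being interpreted by the browser (XSS).
			// Assumes the page is served as UTF-8 — TODO confirm against masterpage.php.
			echo "<br/><br/>";
			echo "Course Name: " . htmlspecialchars($CourseName, ENT_QUOTES, 'UTF-8') . "<br/>";
			echo "Course Code: " . htmlspecialchars($CourseCode, ENT_QUOTES, 'UTF-8') . "<br/>";
			echo "Description: " . htmlspecialchars($CourseDesc, ENT_QUOTES, 'UTF-8') . "<br/>";
			echo "Credits: " . htmlspecialchars($Credits, ENT_QUOTES, 'UTF-8') . "<br/>";
			echo "Special Fee: " . htmlspecialchars($SpecialFee, ENT_QUOTES, 'UTF-8') . "<br/>";

			$hideInput = true;
		}
	}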
	
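	if (!$hideInput)
	{
		// Every value printed into the form comes from the request or from the database,
		// so each one is HTML-encoded first. ENT_QUOTES is required because the
		// attributes below are single-quoted; without it a quote in a value would close
		// the attribute and allow markup injection (XSS).
		// Assumes the page is served as UTF-8 — TODO confirm against masterpage.php.
		$formId = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
		$htmlId = htmlspecialchars($formId, ENT_QUOTES, 'UTF-8');
		$htmlName = htmlspecialchars($CourseName, ENT_QUOTES, 'UTF-8');
		$htmlCode = htmlspecialchars($CourseCode, ENT_QUOTES, 'UTF-8');
		$htmlDesc = htmlspecialchars($CourseDesc, ENT_QUOTES, 'UTF-8');
		$htmlCredits = htmlspecialchars($Credits, ENT_QUOTES, 'UTF-8');
		$htmlFee = htmlspecialchars($SpecialFee, ENT_QUOTES, 'UTF-8');

		// NOTE(review): the form carries no anti-CSRF token — confirm whether one is
		// expected by the session helpers before adding a hidden field for it.
		echo "<form action='edit-courses.php' method='POST'>";
		echo "	<input type='hidden' name='id' value='$htmlId'/>";
		echo "	<p>Course Name:<span class='requiredText'>*</span><br/><input type='text' name='CourseName' value='$htmlName'/></p>";
		echo "	<p>Course Code:<span class='requiredText'>*</span><br/><input type='text' name='CourseCode' value='$htmlCode'/></p>";
		echo "	<p>Description:<span class='requiredText'>*</span><br/><textarea name='CourseDesc' rows='3' cols='70'>$htmlDesc</textarea></p>";
		echo "	<p>Credits:<br/><input type='text' name='Credits' value='$htmlCredits'/></p>";
		echo "	<p>SpecialFee:<br/><input type='text' name='SpecialFee' value='$htmlFee'/></p>";
		echo "	<input type='submit' value='Edit Course'><input type='hidden' value='1' name='submitted'/>";
		echo "</form>";
	}

    // Finish the page started by masterpage().
    endmasterpage();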
?>

